﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;

namespace MvcApplication2.Authorize
{
    public class MyAuthorizeAttribute : AuthorizeAttribute
    {
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var isAuthenticated = filterContext.HttpContext.User.Identity.IsAuthenticated;
            string userName = filterContext.HttpContext.User.Identity.Name;
            string controller = filterContext.RouteData.Values["Controller"].ToString();
            string action = filterContext.RouteData.Values["action"].ToString();
            UserActionPermission userActionPermission = new UserActionPermission();
            if (!userActionPermission.UserCanAccessAction(userName, action, controller))
            {
                filterContext.Result = new HttpUnauthorizedResult();
            }
        }
    }
}